Dear Customer,
Thank you for contacting Network Solutions, Inc., InterNIC Registration Services.
We cannot give you access to our database for all records, other than what is in our whois database, is confidential and not available to the public.
Best Regards, II Network Solutions, Inc.
Network Solutions has never actually asked me to stop allowing full outbound zone transfers of all InterNIC TLD's from F.ROOT-SERVERS.NET. According to my logs, "dig @192.5.5.241 xxx axfr > xxx.zone" is a rather popular command: [dns1.pa:alpha] wc -l xfer.log* 1702 xfer.log 306 xfer.log.0 5560 xfer.log.1 3219 xfer.log.2 16859 xfer.log.3 12066 xfer.log.4 39712 total [dns1.pa:alpha] ls -l xfer.log* -rw-r--r-- 1 root system 162968 May 15 00:22 xfer.log -rw-r--r-- 1 root system 29856 May 7 17:00 xfer.log.0 -rw-r--r-- 1 root system 546016 May 6 22:01 xfer.log.1 -rw-r--r-- 1 root system 325942 Apr 15 21:05 xfer.log.2 -rw-r--r-- 1 root system 1724302 Apr 6 19:08 xfer.log.3 -rw-r--r-- 1 root system 1194194 Feb 28 11:35 xfer.log.4 If NSI should ask me to restrict outbound zone transfers, then I would of course immediately ask the IANA whether to comply with that request. And so now you all know why BIND-8's first development priority was to stop forking for outbound zone transfers -- I can export the COM zone 50 times in parallel (and I sometimes do) without changing the runtime profile of F.ROOT-SERVERS.NET. -- Paul Vixie La Honda, CA <paul@vix.com> "Many NANOG members have been around pacbell!vixie!paul longer than most." --Jim Fleming
Paul Vixie wrote:
If NSI should ask me to restrict outbound zone transfers, then I would of course immediately ask the IANA whether to comply with that request.
There are issues that come up outside of just "I want the COM tld", which I haven't seen anyone address yet: - Registration of domain names under NDA; - Registration/Allocation of IP addresses under NDA. By "under NDA," I mean, for example, this: Company X wants to get a /19 for its Internet gatewaying to the Internet. They will give information to ARIN to justify the IP addresses (which there /is/ an NDA agreement for); however, they do not want contact information available on the Internet. Say they want the same for their domain name - Something that doesn't really make sense, like XYTSDGC.COM, a "secret" domain name for their outside sales force, extranet/customer information, etc. -- Yes, it's not really a "right" thing, because if abuse comes from that IP range or gatewayed via a mail relay from xytsdgc.com (or some other abuse) it becomes difficult to track -- But the issue still exists. I wonder if this has been brought up before, and what the results of this have been (and if NSI or ARIN have replied publicly). Back on topic-- As far as the root zones go, those userid/password combos were only supposed to be given out to iTLD and root server operators. It didn't exactly go that way.. I have one myself.. but I think NSI really is doing the "right thing" by not giving out zones. The only reason I can think of, that one would need an entire zone, would be for mailspamming. Other "useful" things would be webcrawlers getting new zones (altho I dont think it's a good idea to webcrawl without someone submitting), and to have statistics data. None of which, just like this post, is critical or important to the operation of the Internet. :-) -jamie -- jamie rishaw (dal/efnet:gavroche) American Information Systems, Inc. rdm: "Religion is obsolete." gsr: "By what?" jgr: "Solaris." (1996) Tel:312.425.7140, FAX:312.425.7240
As far as the root zones go, those userid/password combos were only supposed to be given out to iTLD and root server operators. It didn't exactly go that way.. I have one myself.. but I think NSI really is doing the "right thing" by not giving out zones. The only reason I can think of, that one would need an entire zone, would be for mailspamming. Other "useful" things would be webcrawlers getting new zones (altho I dont think it's a good idea to webcrawl without someone submitting), and to have statistics data. None of which, just like this post, is critical or important to the operation of the Internet. :-)
I'd be happy for some degree of access control - I just don't like the fact that another UK company here can "legitimately" get access to the zone file information as a gTLD core and uses it for exactly the same reason we want it - whereas we're not "supposed" to. We want to use it to create an in house db of domains so we can track which domains are being released and do some stats stuff on it as well as do some degree of local domain querying without having to rely on internic's ropey whois) ... no desire to farm email addresses or anything. Manar
I believe this is why they cut off public access. The NIC was flooded with requests for domains that had just been deleted. People were hoping to make a buck. If you have a _legitimate_ need for zone file access, you will get it. I certainly had no problem after the NIC figured out their internal policy for granting access. --Ben Kirkpatrick, ELI Data Products Enginneering On Fri, 15 May 1998, Manar Hussain wrote: )We want to use it to create an in house db of domains so we can track which )domains are being released and do some stats stuff on it as well as do some )degree of local domain querying without having to rely on internic's ropey )whois) ... no desire to farm email addresses or anything.
On 15 May 1998, Paul Vixie wrote:
We cannot give you access to our database for all records, other than what is in our whois database, is confidential and not available to the public.
Network Solutions has never actually asked me to stop allowing full outbound zone transfers
Thanks to Paul, I can now do the scans of the com, net and org domains and add to my list of projects "cleaning up lame delegations". It's unfortunate that NSI wants to control access to this data. Doing a zone transfer rather than ftping a gzipped file wasted huge amounts of bandwith...both mine and Pauls. $ gzip -l com.zone.gz compressed uncompr. ratio uncompressed_name 47530626 209099660 77.2% com.zone ------------------------------------------------------------------ Jon Lewis <jlewis@fdt.net> | http://noagent.com/?jl1 for cheap Network Administrator | life insurance over the net. Florida Digital Turnpike | ______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____
participants (5)
-
Ben Kirkpatrick
-
jamie@dilbert.ais.net
-
Jon Lewis
-
Manar Hussain
-
Paul Vixie